function Create-Certificate
{
<#
.SYNOPSIS
Create a self-signed certificate to be used for the HPC cluster deployment. 
.DESCRIPTION
Create a self-signed certificate to be used for the HPC cluster deployment. 
This certificate will be used for multiple purposes, as the management certificate, SSL certificate and 
password encryption.
Inspired from http://blogs.technet.com/b/vishalagarwal/archive/2009/08/22/generating-a-certificate-self-signed-using-powershell-and-certenroll-interfaces.aspx
.EXAMPLE
Create-Certificate -CN "CloudBlitz Management Certificate" -Password "P@SSWORD" -CertFileName "cloudblitzmgmt"
.PARAMETER CN
The value that will be placed for CN.
.PARAMETER Password
Certificate private key password
.PARAMETER CertFileName
The file name for the exported PFX and CER files. The CER and PFX file are created using this string as the file name root. When set as cloudblitz, it will create cloudblitz.pfx and cloudblitz.cer.
#>
[CmdletBinding()]
Param
(
    [Parameter(Mandatory=$True, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)]
    [string]$CN,

    [Parameter(Mandatory=$True, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)]
    [string]$Password,

    [Parameter(Mandatory=$True, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)]
    [string]$CertFileName
)
begin
{
    $name = new-object -com "X509Enrollment.CX500DistinguishedName.1"
    $name.Encode("CN=$CN", 0)

    $key = new-object -com "X509Enrollment.CX509PrivateKey.1"
    $key.ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
    $key.KeySpec = 1
    $key.Length = 1024
    $key.SecurityDescriptor = "D:PAI(A;;0xd01f01ff;;;SY)(A;;0xd01f01ff;;;BA)(A;;0x80120089;;;NS)"
    $key.MachineContext = 0
    $key.ExportPolicy = 1
    $key.ProviderType = 12
    #$key.KeyUsage = 0xffffff
    $key.Create()

    $serverauthoid = new-object -com "X509Enrollment.CObjectId.1"
    $serverauthoid.InitializeFromValue("1.3.6.1.5.5.7.3.1")
    $clientauthoid = new-object -com "X509Enrollment.CObjectId.1"
    $clientauthoid.InitializeFromValue("1.3.6.1.5.5.7.3.2")
    $ekuoids = new-object -com "X509Enrollment.CObjectIds.1"
    $ekuoids.add($serverauthoid)
    $ekuoids.add($clientauthoid)
    $ekuext = new-object -com "X509Enrollment.CX509ExtensionEnhancedKeyUsage.1"
    $ekuext.InitializeEncode($ekuoids)

    $cert = new-object -com "X509Enrollment.CX509CertificateRequestCertificate.1"
    $cert.InitializeFromPrivateKey(1, $key, "")
    $cert.Subject = $name
    $cert.Issuer = $cert.Subject
    $cert.NotBefore = (get-date).ToUniversalTime()
    $cert.NotAfter = $cert.NotBefore.AddDays(180)
    $cert.X509Extensions.Add($ekuext)
    $cert.Encode()

    $enrollment = new-object -com "X509Enrollment.CX509Enrollment.1"
    $enrollment.InitializeFromRequest($cert)
    $certdata = $enrollment.CreateRequest(0)
    $enrollment.InstallResponse(2, $certdata, 0, "")

    $installedCert = @(dir Cert:\CurrentUser\My | Where-Object { $_.Subject -match $CN} )[0]
	
    $pfx = $installedCert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx, $Password)
    $pfxName = $CertFileName + ".pfx"
    Set-Content -Value $pfx -Encoding Byte -Path $pfxName

    $cerBytes = $installedCert.Export("cer")
    $cerName = $CertFileName + ".cer"
    Set-Content -Value $cerBytes -Encoding Byte -Path $cerName
}
}